In the age of social media, it is important to understand how to use it in a professional manner. Healthcare providers may be interested to know if patient friend requests are HIPAA compliant. Although not prohibited by HIPAA law, it may not be the best idea to become friends with patients on Facebook. 

It may be more appropriate to be Facebook friends with patients if your practice is in a small community where everyone knows everybody. However, if a covered entity (CE) is friends with their patients on social media, they may not use the platform to transmit any protected health information (PHI) or comment on a patient’s health. 

Is Facebook’s Chat Function HIPAA Compliant?

Additionally, healthcare providers cannot use the chat function on social media platforms to send any PHI. Even when the conversation is initiated by the patient, it is not HIPAA compliant to engage in medical discussions via social media. Social media platforms do not have the proper safeguards in accordance with HIPAA standards to protect PHI. As such, healthcare entities should never use social media in conjunction with PHI.

For HIPAA compliant communication outside of the office, it is recommended that covered entities implement a personal health records (PHR) system. A PHR enables patients to view their medical records, appointment reminders, medication list, and test results, enabling patients to manage their healthcare from home. In addition, advanced PHR tools allow for HIPAA compliant messaging between patients and providers.

Do you have an effective HIPAA compliance program? Find out now by completing the HIPAA compliance checklist.

Are Patient Friend Requests HIPAA Compliant?

While patient friend requests do not violate HIPAA, they are not recommended. Before deciding whether or not to connect to patients through social media, healthcare workers must look at their organizations policies in regards to social media. If it is permitted within your organization’s policies to be friends with a patient on social media, it is imperative that the social platforms are not used with PHI or to dispense medical advice. Implementing a personal health records system is the best way to answer patient questions in between appointments. 

Complete Compliance Solution

Make sure your business and the tools you use to run it are compliant.

Global CTAs Image